Malvertising used by Syrian Electronic Army in Reuters hack

Security

by Jimmy Nicholls| 23 June 2014

Assad sympathisers continue to target Western media ‘propaganda’.

Reuters was yesterday hit by malvertising inserted on its site by the Syrian Electronic Army (SEA), just days after the group attacked the Sunday Times and the Sun.

Targeting adverts provided by Israeli agency Taboola, the attack redirected users to a message demanding the news wire stop publishing "fake" reporta on Syria, identical to that posted on News UK's websites last week.

Confirming the breach Adam Singolda, chief executive of Taboola said: "While we use two step authentication, our initial investigation shows the attack was enabled through a phishing mechanism.

"We immediately changed all access passwords, and will continue to investigate this over the next 24 hours."

The attack was estimated to last an hour, but was resolved 35 minutes after being detected, and Reuters has since been working as usual.

"UK government is supporting the terrorists in Syria to destroy it," SEA said in its message. " Stop spreading its propaganda."

Sympathetic to Syrian president Bashar al-Assad, SEA are thought to be a young group of Syrians living both inside and outside the state, who regularly attack Western media groups they perceive to be hostile to Assad's regime.

Reuters was targeted by the hacking group last year when it seized control of the news wire's Twitter account, posting political cartoons in support of Assad. The year before a similar attack also took place.

Malvertising luring users into ransomware attacks was discovered earlier this month on websites belonging to Disney, Facebook and the Guardian earlier this month, in what appears to be an increasingly common attack strategy.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

755 people like this.
0 people follow this.

Security Intelligence

Buy the latest industry research online today!
See more

Suppliers Directory

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.